North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Are botnets relevant to NANOG?
At 07:09 PM 5/26/2006, Rick Wesson wrote:
for this community would trend analysis with the best of who is getting better and the worst of who is getting worse and some baseline counts be enough for this group to understand if the problem is getting better.
We all know there is a problem. Botnets/zombies/et. al. are the
number one threat to the infrastructure and the attacks may be deliberate or
they may be a distraction. The motive is unclear because attacking,
for example, root servers, is an effort without some obvious economic
incentive, at least that I can see. It doesn't make a lot of sense because
the conventional wisdom before they open recursive attacks was that
it was in the miscreants best interest to not attack infrastructure
so that it could facilitate their reachable "goals".
The DA report went through a large thread(s) to post statistics here
and I'm not sure why yours will be any better, or, just another set
of statistics which further de-sensitizes everyone to the problem. I
mean, it looks like, all of a sudden, the DNS community has a big
problem with these open recursive attacks, ran off privately, and
have now determined that it's a feature, not a bug, and well, heck,
operators are now responsible. I am not saying that is the answer, but
I am saying I am reading the OARC comments and this is sort of what
it fees like. As much as Gadi seems to appropriate others credit,
Randy Vaugh and him have been doing this work for some time and
deserves some credit so I'd say "have you spoken to them about how
to make their report better" yet instead of "create more".
Martin Hannigan (c) 617-388-2663
Renesys Corporation (w) 617-395-8574
Member of Technical Staff Network Operations